Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
BBC Technology

The rootkit of all evil?

Sony BMG, the record company part of the multinational corporation that makes laptops, TVs, movies and many other things, is in trouble this week thanks to a copy protection scheme it has used on a ...
The Record

Threat actor uses HP iLO rootkit to wipe servers

An Iranian cyber-security firm said it discovered a first-of-its-kind rootkit that hides inside the firmware of HP iLO devices and which has been used in real-world attacks to wipe servers of Iranian ...